domain – Can you use a subdomain pointed to an IP address for SSH

I have a website and I would like to use it for SSH-ing. I hate having to remember the IP address of my computer, so I hoped to do something like:

ssh uname@me.example.com -p 1234

or

ssh uname@eexample.com/me -p 1234

or no matter where I do not need to remember my IP, I just need the address. I really do not know much about networking, but I think example.com/me would not work because this would be handled by the web server (regardless of the use of GitHub pages), and therefore could not be redirected to a sensitive IP address. But I guess I could get it to work with a subdomain me.example.comand that would be great.

So can you use a subdomain pointed to an IP address for SSH?

For info, I currently have my domain with Google Domains.

ssh – What does nodejs support on a hosting plan?

Node.JS installed on a shared host means that the hosting platform supports the running Node.JS applications (applications that have a package.json file).

You can not just install Node.JS on a shared host platform because the hosting service is provided to you as a platform architecture as a service.
A PaaS architecture means that the hosting provider is responsible for the hosting structure, from the physical hardware to the operating system to the hosting infrastructure (Apache, Node.JS, PHP, Ruby, etc).
You are responsible for creating your application and its application.
Thus, the hosting provider will provide access to the file system to allow you to download your application on its structure.

Because you do not have access to the operating system, you will not be able to install new hosting applications in the structure. This means that you will want to make sure that all the frameworks are installed and up to date on the host so that your application you want to host can run.

Node.JS must be installed in the operating system to run, which means that you will not be able to deploy it in a PaaS host.

If the host provides you with a virtual machine (IaaSYou can do whatever you want because you have full control of the operating system.
Excluding some MAC address stuff like that goes into the physical layer of things.

I hope it helps 😎

Thank you!

Abuse of SSH to keep control of Windows

I am curious how an attacker could install SSH on a Windows server without an established RDP session. (Only the cmd.exe shell)

Does anyone know any techniques or references to this?

Suppose an attacker has access to a Windows server via a reverse meterpreter tcp shell post-exploitation. How could the attacker download and install an ssh service via a basic cmd shell (with or without Powershell).

ssh – How can you monitor all changes made on a Linux server?

We sometimes have contracted developers who have to work on the server (via ssh or sftp) and I looked for ways to monitor what they are doing on our Debian server. We have ways to limit access (restrict access by IP) so that they only have access when we make them work on something, but we would like to be able to monitor sessions to see what they did (possible on a desktop but do not know if this is possible on a Linux server).

Sometimes, contractors need privileged access to solve problems, which means they can change. nginx config or modify databases. Privileged access also gives them the option of adding malicious code (logic bombs, etc.) or breaking things by accident without knowing what they did to break them.

LXD is not a sufficient option because it does not monitor key entries and resource providers must have access to (the entire stack of php web applications) is active. So if they break it, we still have to go to a backup web server. While chroot can be used to limit what the user can do, this is not a monitoring tool.

the history The file under Linux can be modified by the user and even if it can not be modified, the commands are not executed after entering a prompt (as after the seizure mysql or open a file). Add git at the root of the system has the same limits.

We have a server that contains the production database and the native scripts of the website that we can quickly switch in case of an emergency. But without a way to inventory who had access AND exactly what they did, pinpoint the blame or even define what was done is a nightmare.

What solutions are available for this?
Are there reliable keyloggers that can be used for this purpose?
Are there any business solutions for this?

Ssh keys – How can I use Ansible with SSH signed client certificate for connections?

I've implemented SSH certification authority client signing on my servers. Sshd is configured on my servers with the following directive:

TrustedUserCAKeys /etc/ssh/trusted-users-ca.pem

I have modified my local ssh configuration file so that my certificate is also sent when I connect to my servers:

Host *.internal.headincloud.be
        User centos
        IdentityFile ~/.ssh/datacenter-hic-deploy
        CertificateFile = ~/.ssh/datacenter-hic-deploy-cert.pub

It seems to work fine and I can connect to my server without having to deploy an allowed_keys file.

However, Ansible is unable to connect my servers:

TASK [Gathering Facts] *********************************************************************************************************************************************************************
fatal: [postgres-01]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to remote host "192.168.90.40". Make sure this host can be reached over ssh", "unreachable": true}

As I already mentioned, I can connect via ssh very well.

I guess Ansible does not send the certificate file, that's why I can not connect.

I have tried to modify my ansible.cfg as follows:

ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s -i ~/.ssh/datacenter-hic-deploy-cert.pub

or

ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s -i /Users/jeroenjacobs/.ssh/datacenter-hic-deploy-cert.pub

Neither of those who work.

I can not find a way to tell Ansible how to do that. Someone has an idea?

ssh in a Linux virtual machine on Windows 10 with PowerShell Direct

How can I connect to a Linux virtual machine under Windows 10 with the help of PowerShell Direct?

I saw the blog of Thomas Maurer which explains how to integrate SSH under Linux 10 under Windows 10 with PowerShell Direct.

When I run hvc ssh or hvc.exe ssh from any directory, I receive:

Copyright (c) Microsoft Corporation. All rights reserved.

usage: hvc.exe ssh (options) (user@)

  Connects to the VM via ssh. The command line is passed through to the
  configured ssh client.

  Configuration options:

    ssh.command       Command to use. (default: ssh.exe, putty.exe, or
                      "wsl.exe ssh", whichever exists)

    ssh.commandtype   The type of options that the ssh client supports,
                      openssh or putty. (default: auto-detect)

  Environment variables:

    HV_SSH_COMMAND    Overrides the ssh.command configuration option.

So, it seems that hvc is in the $env:Path variable.
However, when I run hvc.exe ssh test_vm or hvc.exe ssh "test_vm", I receive:

'C:Program' is not recognized as an internal or external command,
operable program or batch file.

Get-VM results:

Name            State   CPUUsage(%) MemoryAssigned(M) Uptime           Status             Version
----            -----   ----------- ----------------- ------           ------             -------
test_vm         Running 0           1478              00:48:07.9110000 Operating normally 9.0

I am using CentOS 7.7.1908 as a virtual machine image.

centos7 – The bar chart of Mysqldump can not be downloaded via ssh. Failure during ssh key authentication

I'm trying to use mysqldump helm chart and download the dump via ssh on a remote server. It worked in my development environment (the SSH download destination was ubuntu16.04) but it does not work for my internship (Centos 7.6) either. In digging further, I realized, work mysqldump, create a pod with the file id_rsa (private key) provided by the values, and try to copy the dump files via rsync as follows:

rsync -av –delete – exclude = *. state & # 39; -e – ssh -o StrictHostKeyChecking = accept-new -o UserKnownHostsFile = / dev / null & # 39; / backup / matrix @ dev: / home / matrix / backup

I've tried creating a test module both in development and on stage, and I realized:
ssh to dev works
ssh -o StrictHostKeyChecking = accept-new -o UserKnownHostsFile = / dev / null # / backup / matrix @ dev: / home / matrix / backup

while ssh scene
ssh -o StrictHostKeyChecking = accept-new -o UserKnownHostsFile = / dev / null # / backup / matrix @ stage: / home / matrix / backup

The respective newspapers at the time of the issue of the orders, in commented mode are as follows:
Dev
16 Sep 01:42:17 xxxx sshd (6363): Error: AuthorizedKeysCommand / usr / bin / sss_ssh_authorizedkeys xxxxuser failed, state 1
Sep 16 01:42:17 xxxx sshd (6363): Allowed publication for xxxxuser from port 10.xx.xx.xxx 1156 ssh2: RSA SHA256: NVFUunIzv3kRv3tCynYcLpzawkyOWqod0nMqJIVjoO8
16 Sep 01:42:17 xxxx sshd (6363): pam_unix (sshd: session): open session for the user xxxxuser by (uid = 0)
16 Sep 01:42:17 xxxx sshd (6363): The child user is on the pid 6405
16 Sep. 01:42:17 xxxx sshd (6405): Startup session: shell on pts / 4 for xxxxuser from port 115x 10.xx.xxx id 0

Stage <- Does not work
Sep 16 2:50:15 sshd (28876): Connection from port 33524 10.xx.xxx.xxx to port 22
Sep 16 2:50:15 sshd (28876): new configuration line 32: deprecated option RSAAuthentication
Sep 16 02:50:15 sshd (28876): removing configuration line 39: obsolete option RhostsRSAAuthentication
Sep 16 02:50:15 sshd (28876): Error: AuthorizedKeysCommand / usr / bin / sss_ssh_authorizedkeys test failed, status 1
16 Sep 02:50:15 sshd (28876): Failed to publish test on port 33×24.xxx.xxx 33524 ssh2: RSA SHA256: + Qq2Nr / TEWhv3JlY7ZKCD / eKa78ekvhS7Im6Co3
Sep 16 2:50:15 sshd (28876): none failed for testing from the 10.xx.xxx.xxx port 33524 ssh2
16 Sep 02:50:15 sshd (28876): Password failed for testing from port 33524 sx2 of 10.xx.xxx.xxx
16 Sep 02:50:15 sshd (28876): Password failed for testing from port 33524 sx2 of 10.xx.xxx.xxx
16 Sep 02:50:15 sshd (28876): connection closed by port 33524 10.xx.xxx.xxx (preauth)

The Openssh configuration files are the same at both locations, Stageh's Version Version is the last, exactly 7.4 while dev is 7.2.

It's been too long since I've been hired, I could really need help.

Running Rsnapshot Remote Backup Script on a non-standard ssh port

Use rsnapshot to back up a remote host with a non-standard ssh port (: 444)

Configuring rsnapshot.conf:

ssh_args        -p444
backup  user@domain:/data/location/       vps2/site/ 

D & # 39; agreement, no problem on port 444 for a "normal" backup.

The problems concern the execution of backup_script:

backup_script   ssh user@domain "/scripts/myscript" Unused/
OR
backup_script   ssh user@domain "/scripts/myscript" Unused/ +ssh_args=-p444
OR
backup_script   ssh user@domain "/scripts/myscript" Unused/ +ssh_args=-P 444

KO 255 ​​error, the command is executed on port 22 (+ ssh_args = -p444 or -P 444 seems ignored)

backup_script   scp -r -P 444 user@domain:/tmp/rsnapshot/mysql/ /c/snapshot/tmp/        dump/

D & # 39; agreement, no problem with scp on port 444

Any idea about how to configure the port: for running ssh script backup_script? Thank you

Why is my ssh / config file unreadable?

I'm trying to edit my ssh / config file, but when I type emacs ~ / .ssh / config in Terminal, it means that the file is not readable and that my changes will not be backed up . When I try to overwrite, it is stated that permission is denied. Why does this happen?